There are numerous systems in the prior art which provide biometric authentication of an individual. These systems generally require that a user is first registered or enrolled by providing their biometric identification information to a central or remote database resource. Corresponding biometric information is subsequently gathered in real time from a user at a point of access, such as an immigration desk, a building entry system or a computer login facility. The central database of biometric information is generally remote from the points of access. Before a user is allowed access to the resource, the biometric information gathered at the point of access in real time is compared with the central or remote database and a decision is then made whether the user presenting at the point of access corresponds with a registered user.
There are a number of potential disadvantages with such a system.
The implementation of a central database requires real time communication with that database for every point of access, in order to authenticate users presenting themselves at the points of access. If there are many points of access, this necessitates an extensive communication infrastructure. The implementation of a central database also requires that users are happy to have their biometric information stored remotely by a third party, which may not always be the case. The use of a remote database also means that the user's biometric information must be transmitted over the communication infrastructure for every authentication event so that comparison can take place, either at the point of access or at the central database. In other words, for the comparison between a registered user's biometric information and that gathered in real time for a user under test, either the centrally held registration record must be transferred to the point of access, or the real time gathered information from the point of access must be transferred to the central database. In either case, transferring such information over communication networks, and in particular over long distance communication networks, provides an additional security risk and/or an encryption and decryption overhead. Finally, centrally stored biometric data can only be accessed from the service provider with whom the user enrolled. Users must therefore provide their biometric profiles separately to every service provider who wishes to use such biometric identity verification to validate user access.
The apparatuses (which may include devices and systems including such devices) described herein may overcome or mitigate some or all of the problems identified above for traditional biometric systems.